BID® Daily Newsletter
Jun 15, 2018

BID® Daily Newsletter

Jun 15, 2018

Seeing Risk Clearly With Acquired Vendors

Summary: While having a solid risk assessment plan for third party vendors is nothing new to bankers, what do you do if your vendor is acquired?

In the human eye, the iris plays a pretty important role. It is the thin structure in the eye that is responsible for controlling the diameter and size of the pupil. That process is critical because it controls the amount of light that goes to the retina. Eye color is also found in the retina in humans. That is why we were happy to see the FDA has approved the first prosthetic iris.
Seeing risk clearly in banking takes skills. While having a solid risk assessment plan for third party vendors is nothing new to bankers, what do you do if your vendor is acquired?
The financial technology (Fintech) world is consolidating, the economy is strong and capital is plentiful, so bankers may soon find themselves in this situation given the plethora of vendors banks now use.
To minimize disruption to your business, protect customer data and ensure you get what you originally paid for, here are things you can do.
Do your Due Diligence on the New Vendor: Just as you would assess any new vendor, this is a good idea here too. While the acquiring entity might be larger and have more capital, they may also be going somewhere else with their business other than where you want to go or where you thought you were going when you signed up with your original vendor. It may also be that the acquiring company will be cutting costs, so see if you can find out how they will do that, to see how you may be impacted.
Meet with New Management: This may be difficult, but it can give you really good insight when practicable. As early as possible, try to find out the plans for the acquired company to best assess if your product will continue to receive the same level of support or if you will need to start looking elsewhere. Don't be shy to ask probing questions of the new team to find out.
Continue Monitoring: Ronald Reagan is credited with saying "trust but verify" and that phrase holds true still today. Be sure to continue checking on the new vendor even after the transition is complete, to gain insight into where they are focused and going.
Have Exit Strategy Plans: If the above monitoring discloses discrepancies or an unexpected discontinuation of your product, you will want to have a plan in place to help extricate your bank from the relationship. Be sure to proactively prepare a plan as soon as the acquisition is announced and pull any contracts to understand your rights and options. After all, as the saying goes, "an ounce of prevention is worth a pound of cure."
To protect your bank from unforeseen and impactful events like those above, be sure to track your vendors as a portfolio. Then, look for those that have been in business for a while, have a history of high quality products and services, a strong capital base, and the wherewithal to support you and their business.
Also, monitor vendors to see if they are strategically positioning themselves to be purchased. One way to do this is by looking for consistent publicity seeking, and perhaps pushy sales techniques that seem focused on growing to a certain size quickly. If you see this going on, you may want to start looking at other vendors and dust off your exit strategy.
Lastly, instead of a "check the box" kind of annual review of vendors, expand your view to include other insights, such as those outlined here. With that, you should see your risk clearly.
Subscribe to the BID Daily Newsletter to have it delivered by email daily.

Related Articles:

Lessons Learned from Major Banks’ AML Troubles
Major financial institutions like Bank of America and TD Bank illustrate the risks of falling short on anti-money laundering oversight. We look at how CFIs can learn from their missteps to strengthen compliance efforts.
Heightened Regulation Is Making BaaS a Risky Proposition
As regulatory oversight of BaaS increases, CFIs need to be aware of the risks in their third-party relationships. We provide examples of BaaS flubs and how to avoid them.